Platform
wordpress
Component
sogrid
Fixed in
1.5.7
CVE-2024-54374 describes a Path Traversal vulnerability within the Sogrid WordPress plugin. This flaw allows attackers to potentially include arbitrary files on the server, leading to sensitive data exposure or even remote code execution. The vulnerability impacts versions of Sogrid up to and including 1.5.6, with a fix available in version 1.5.7.
The flaw turns a path traversal into PHP Local File Inclusion (LFI): a path containing `../` segments reaches a parameter the plugin hands to an include, so the application loads a file outside the intended directory. The immediate outcome is disclosure of any file the web server's user can read, which on a WordPress site includes wp-config.php with its database credentials and secret keys, other source code and, permissions permitting, system files. Execution of attacker-supplied PHP additionally requires a file on the server whose contents the attacker controls; where that exists, the WordPress instance is fully compromised and the host may be, depending on the permissions the web server runs with.
This vulnerability was publicly disclosed on December 16, 2024. No active exploitation campaign has been confirmed, but a traversal-to-LFI bug in a WordPress plugin is cheap to exploit and easy to scan for at scale, so unpatched sites should assume they will be probed. CVE-2024-54374 is not listed in CISA's KEV catalog at the time of writing.
WordPress sites running Sogrid 1.5.6 or earlier are affected. Sites on shared hosting where the customer cannot update plugins promptly, and sites without a routine for applying plugin updates, are the ones most likely to stay exposed.
Detection
• wordpress / composer / npm: the command below lists every line of the plugin's source containing a literal "../"; it locates traversal strings but does not tell you the installed version, which is the fact that decides exposure. Read the Version: field in the plugin's header file instead.
    grep -r "../" /var/www/html/wp-content/plugins/sogrid/*
• generic web:
    curl -I 'http://your-wordpress-site.com/wp-content/plugins/sogrid/../../../../etc/passwd'
  Caveat: curl removes the ../ segments from the URL path before sending (unless --path-as-is is given) and the web server normalizes any that remain, so this request never reaches the plugin's include code. A 403 or 404 here says nothing about whether the installed version is vulnerable; only the version check does.
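The version check the detection commands above do not actually perform, as an added example (not code from the advisory or from the Sogrid plugin): it reads the Version: field of the WordPress plugin header, the same field WordPress itself parses, and compares it numerically against the fixed release. The plugin directory path and the sample header text are assumptions constructed for the demonstration.

```python
"""Added example (not from the advisory or the Sogrid plugin): decide whether an
installed Sogrid copy is in the affected range by reading the 'Version:' field of
its WordPress plugin header. The plugin directory path and the sample header
text are assumptions constructed here."""
import re
import sys
from pathlib import Path

FIXED_VERSION = "1.5.7"          # first fixed release named in the advisory
DEFAULT_PLUGIN_DIR = "/var/www/html/wp-content/plugins/sogrid"   # assumed path

# WordPress reads plugin headers from the first 8 KiB of the main plugin file;
# the field looks like " * Version: 1.5.6" inside a comment block.
HEADER_RE = re.compile(r"^[ \t/*#@]*Version:[ \t]*(\S+)", re.IGNORECASE | re.MULTILINE)


def version_tuple(version: str) -> tuple:
    """Numeric compare: '1.5.10' must sort after '1.5.7' (string compare gets this wrong)."""
    return tuple(int(part) for part in re.findall(r"\d+", version))


def plugin_version(header_text: str):
    """Return the Version: value from a plugin header, or None if absent."""
    match = HEADER_RE.search(header_text[:8192])
    return match.group(1) if match else None


def is_vulnerable(version: str, fixed: str = FIXED_VERSION) -> bool:
    """True for every version strictly below the fixed release (i.e. <= 1.5.6)."""
    return version_tuple(version) < version_tuple(fixed)


def scan_plugin_dir(plugin_dir: str):
    """Find the first .php file with a plugin header; return (version, vulnerable)."""
    for php_file in sorted(Path(plugin_dir).glob("*.php")):
        version = plugin_version(php_file.read_text(errors="replace"))
        if version:
            return version, is_vulnerable(version)
    return None, None


# Constructed sample header for offline use; on a real host the file is on disk.
SAMPLE_HEADER = """<?php
/**
 * Plugin Name: Sogrid
 * Description: grid layouts
 * Version: 1.5.6
 */
"""

if __name__ == "__main__":
    plugin_dir = sys.argv[1] if len(sys.argv) > 1 else DEFAULT_PLUGIN_DIR
    version, vulnerable = scan_plugin_dir(plugin_dir)
    if version is None:
        print(f"no plugin header found under {plugin_dir}")
    else:
        state = "AFFECTED (<= 1.5.6)" if vulnerable else "fixed"
        print(f"sogrid {version}: {state}")
```

Run it as `python3 check_sogrid.py /path/to/wp-content/plugins/sogrid`; the numeric tuple comparison is the point, since a naive string comparison would report a hypothetical 1.5.10 as older than 1.5.7.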
Exploit status
EPSS
4.46% (89th percentile)
CISA SSVC
CVSS vector
Upgrade Sogrid to version 1.5.7 or later. Until that is done: disable or remove the plugin if the site can function without it; restrict filesystem permissions so the web server's user cannot read files outside the web root (this limits what an LFI can reach but cannot protect files PHP itself must read, such as wp-config.php); put a WAF rule in front of the site that rejects requests whose parameters contain `../` after URL decoding, double-encoded forms included; and keep WordPress core, themes and plugins current so a forgotten component does not become the entry point. Strict validation and canonicalization of the path inside the include code is the developer-side fix; a site operator cannot apply it without modifying the plugin.
Update the Sogrid plugin to the latest available version. If you cannot update right away, disable or remove the plugin until you can; that closes the Local File Inclusion path entirely.
CVE-2024-54374 is a Path Traversal vulnerability affecting the Sogrid WordPress plugin, allowing attackers to potentially include arbitrary files on the server.
You are affected if you are using Sogrid version 1.5.6 or earlier. Upgrade to version 1.5.7 or later to close the vulnerability.
Upgrade the Sogrid plugin to version 1.5.7 or later. As a temporary workaround, restrict file access permissions and implement WAF rules.
As of December 2024, there are no confirmed reports of active exploitation, but the vulnerability's nature suggests potential for future attacks.
Refer to the Sogrid plugin's official website or WordPress plugin repository for the latest advisory and update information.